Skip to content

Add security updates #16

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
bsweger merged 5 commits into from
Apr 2, 2025
Merged

Add security updates #16

bsweger merged 5 commits into from
Apr 2, 2025

Conversation

@bsweger
Copy link
Contributor

@bsweger bsweger commented Apr 1, 2025

Closes #15

This PR can be reviewed commit by commit and does the following:

  • Add CODEOWNERS to monitor GitHub workflow updates
  • Set up Dependabot to flag updates to GitHub actions
  • Pin 3rd party GitHub actions via commit SHA
  • Add explicit permissions to workflows
  • Update pkgdown-pr-preview to to the most recent hubverse-developer-actions version

In addition to the changes in this PR, an admin of this repo should update the CodeQL scanning rulesets as documented here: https://hubverse.io/en/latest/developer/security.html#codeql-settings

bsweger added 5 commits April 1, 2025 14:11
@bsweger
Protect GitHub workflows with a CODEOWNERS file
8105120 
This file ensures that updates to workflow-related files will be reviewed by
at least one member of the hubverse-developers team
@bsweger
Configure GitHub dependabot
ae00163 
Instruct dependabot to check for updates to GitHub actions and submit
a pull request to bump the versions
@bsweger
Add explicit permissions to GitHub workflows
3005580
@bsweger
Pin third-party GitHub actions by commit SHA instead of tag
4c549aa
@bsweger
Update pkgdown-netlify-preview to latest version in hubverse-develope…
b16552a 
…r-actions
@bsweger bsweger requested a review from lshandross April 1, 2025 18:27
@github-actions
Copy link

github-actions bot commented Apr 1, 2025

🚀 Deployed on https://67ec30e3d258705dffc54777--hubci-pr-previews.netlify.app

zkamvar
zkamvar approved these changes Apr 1, 2025
View reviewed changes
Copy link
Contributor

@zkamvar zkamvar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you, @bsweger!

@bsweger bsweger merged commit a3b3407 into main Apr 2, 2025
5 checks passed
@bsweger bsweger deleted the bs/add-security-updates/15 branch April 2, 2025 13:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lshandross lshandross Awaiting requested review from lshandross

1 more reviewer

@zkamvar zkamvar zkamvar approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Resolve code scanning issues in hubCI

3 participants

@bsweger @zkamvar